A Russian website is being shut down for streaming images stolen from the likes of baby monitors, bedroom cameras and CCTV.
The site has been featuring live feeds from basically anywhere that’s broadcasting on cam, including a gym in Manchester, a bedroom in Birmingham and an office in Leicester. The site’s database shows listings for 4,591 cameras in the US, 2,059 in France and 1,576 in the Netherlands.
The UK’s information commissioner Christopher Graham urged the Russian authorities to take immediate action to take down the site, but Russia being Russia at the moment, there’ll probably try and make an international incident out of it.
Graham also said he also would be working with the Federal Trade Commission in the US to try to force the site to close if the Russian authorities failed to cooperate.
Interviewed on BBC Radio 4’s Today programme, Graham said: “I’m very concerned about what this [website] shows and I want the Russians to take this down straight away … We now want to take very prompt action working with the Federal Trade Commission in the States to get this thing closed down. But the more important thing is to get the message out to consumers to take those security measures. If you don’t need remote access to a webcam then switch off that function altogether.”
Graham also said consumers were too laid back about security: “We have got to grow up about this sort of thing,”
“These devices are very handy if you want to have remote access to make sure your child is OK, or the shop is alright, but everyone else can access that too unless you set a strong password. This isn’t just the boring old information commissioner saying ‘set a password’. This story today is an illustration of what happens if you don’t do that. If you value your privacy put in the basic security arrangements. It’s not difficult.”
The Russian site has been online for a month, and has already been the cause of some alert around the world. The UK have known about it for just over 24 hours.
So, watch out next time you do a broadcast. Your audience may be more global than you thought.
WhatsApp will now have encrypted messages from now, which is a boon for those who are concerned about personal privacy when chatting and sending photos of their junk to hook-ups. Of course, governments and spy-agencies won’t be at all happy about this, as they get jumpy and start shouting ‘TERRORISTS!’ as soon as anyone hides what they’re talking about.
WhatsApp said that this is the “largest deployment of end-to-end encryption ever.” What that means, in English, is that your messages are safe from people listening-in, unless of course, WhatsApp have a deal with someone where they’ll pass all that information on. Seeing as they’re owned by Facebook, you’d be daft to not indulge that in your thoughts.
Thus far, it’ll only work on Android and is limited to one-on-one text-only chats. So group chats and photos are not as locked down.
Whisper Systems – the company behind the software which is being used to encrypt your WhatsApp messages – have said: ”We have a ways to go until all mobile platforms are fully supported, but we are moving quickly towards a world where all WhatsApp users will get end-to-end encryption by default.”
It does look like chat-apps are all working toward utilising this kind of encryption, which is a headache for the NSA and GCHQ. In their eyes, the only people who should have encrypted messages are government officials and people like the FBI.
The much loathed MasterCard SecureCode and Verified by Visa systems are set to be usurped by a much easier to use set-up.
The systems that ask for further information and an extra password were meant to be a way of halting fraud and making it safer to shop on the internet.
However the systems have also been considered a bit of a faff and open to exploitation.
Initially it all sounded quite comforting. You’d get an extra window asking for fragments of your password and you’d feel all safe and that.
Yet according to customer feedback, customers have struggled to remember additional passwords, and there’s also been issues around whether the pop-up windows were not a front for some evil.
The new system will revolve around customers having passwords texted to them, which they would then type in.
Ajay Bhalla, president of enterprise security solutions at MasterCard, said: “All of us want a payment experience that is safe as well as simple, not one or the other. We want to identify people for who they are, not what they remember. We have too many passwords to remember and this creates extra problems for consumers and businesses.”
MasterCard believe that mobile payments will account for 30% of online retail sales by 2018.
Well, they say ‘half’, but based on a survey of 2000 web users, 51% said they’d been affected by online scams, phishing, ID theft or some pesky virus.
The report by the Get Safe Online organisation, also said that many victims are left emotionally scarred by the experience.
Which is about right. You DO feel a bit vulnerable and freaked out that some arse has buggered your online-scene up.
Half of the victims said they felt violated by their ordeal and rued clicking on that link for free glans/baps (delete as appropriate). Only 14% of the affected felt they’d achieved any kind of redress after the matter either.
Also, a report by the National Fraud Intelligence Bureau, released to coincide with Get Safe Online Week, claimed that online scams raked in £670m between 1 September 2013 and 31 August 2014.
However an upshot of all this, has meant that those who have been violated then got heavy with web protection and not being so free and easy with their online behaviour.
Tony Neate, chief executive of Get Safe Online reckons this, by saying “Get Safe Online Week this year is all about ‘Don’t be a victim’, and we can all take simple steps to protect ourselves, including putting a password on your computer or mobile device, never clicking on a link sent by a stranger, using strong passwords and always logging off from an account or website when you’re finished.”
“The more the public do this, and together with better conviction rates, the more criminals won’t be able to hide behind a cloak of anonymity.”
Meanwhile Minister for the Cabinet Office Francis Maude threw his weight in and said the figures underlined the importance of doing everything possible to shore up the UK’s cyber defences, saying: “The UK cyber market is worth over £80bn a year and rising. The internet is undoubtedly a force for good, but we cannot stand still in the face of these threats, which already cost our economy billions every year.”
“We have an £860m Cyber Security Programme which supports law enforcement’s response to cybercrime, and we are working with the private sector to help all businesses protect vital information assets.”
The credit card giant are doing tests to see if a fingerprint function would work instead of a PIN number.
The company unveiled the protoype, which they developed in conjunction with Norwegian company Zwipe, who invented the fingerprint technology.
The contactless payment card has an integrated fingerprint sensor and a secure data store for the cardholder’s biometric data, which is held only on the card and not in an external database, the companies said.
The card also has an EMV chip, used in European payment cards instead of a magnetic stripe to increase payment security, and a MasterCard application to allow contactless payments.
The card is currently thicker than the usual ones, as it will have a battery in it to make it work, however Zwipe plan to eliminate the battery and make it the same as other cards, once they’ve started harnessing energy from contactless terminals.
As the fingerprint authentication is quite unique, there’s no limit on contactless payments, whereas other contactless cards have limits in them so that bad people can’t use them to buy diamonds.
Norwegian bank Sparebanken DIN has already tested the Zwipe card, and plans to offer biometric authentication and contactless communication for all its cards apparently.
Hands up if you want Mastercard to store your fingerprints?
Mildly creepy news now, as Apple and Facebook are offering to freeze eggs for female employees.
In an interesting approach to try and expand their appeal for more females on their workforce, Apple said it would offer the perk to US-based staff from January.
“Apple cares deeply about our employees and their families, and we are always looking at new ways our health programmes can meet their needs,” said the company.
“We continue to expand our benefits for women, with a new extended maternity leave policy, along with cyropreservation and egg storage as part of our extensive support for infertility treatments … We want to empower women at Apple to do the best work of their lives as they care for loved ones and raise their families.”
It all sounds a bit Demon Seed really.
This, and other initiatives are said to be the doing of new human resources head Denise Young Smith, who is all for diversity and that. Facebook offers up to $20,000 (£13,000) for egg freezing for female employees. The company also offers adoption and surrogacy assistance.
Of course, they won’t actually be using the eggs to experiment on and try and build the first Google Child. That’s not going to happen. Oh no.
The latest in the long line of unending hackery was spotted after hackers were able to get at logins and passwords via a third party affair.
Hackers leaked 400 accounts onto site Pastebin, claiming to make the remaining 6.9 million hacked accounts available to users in return for Bitcoin donations, according to The Next Web.
The post threatened that 6.9 million Dropbox accounts had been hacked, including photos, videos and other files.
Obviously Dropbox don’t want to be seen as quite so vulnerable and so dismissed it, claiming: “These usernames and passwords were unfortunately stolen from other services and used in attempts to log in to Dropbox accounts.
“We’d previously detected these attacks and the vast majority of the passwords posted have been expired for some time now. All other remaining passwords have been expired as well.”
Dropbox reckon that the service consistently expiries passwords for accounts that are being attacked, but could not provide a number of accounts that expired recently.
The news comes as wasteman Edward Snowden claims individuals who care about their privacy should “get rid of Dropbox”, counting it among the services that are “hostile to privacy.”
Either way, Dropbox should change their company logo from ‘your stuff, anywhere’, to ‘your stuff, bloody everywhere’.
The Snapchat nudes leak is a real thing, now dubbed ‘The Snappening’ after the iCloud leak was referred to as ‘The Fappening’.
Videos and images of around 200,000 people, which were stored on a third party website, have been put online. This time, it doesn’t just focus on celebrities.
It appears the third party site in question is Snapsaved.com, which allows users to grab a screenshot of the Snapchat images that usually expire after a few seconds.
Snapsaved appears to have saved not only the images, but also, the users’ login details so that, in the torrent that stores all the images, you can search for images under people’s usernames. This third party is not to be confused with Snapsave, which only stores images on the phone of the user.
4chan, as ever, were the ones to announce the 13 gigabytes of images, but one of the problems here is that much of the content could be from underage users, meaning that anyone who distributes the photos or hosts them, could be in legal trouble for hosting child porn or sexual images of minors.
After the huge celebrity leak of photos, dubbed ‘The Fappening’, looks like we’re due ‘The Snappening’ as rumours abound that hackers have got a load of Snapchat photos and plan release all the mucky, naked ones that match with usernames.
They’ll be available on October 12th on a torrent.
According to reports, the hackers have a 13GB library of snaps from a third-party app which allows users to save Snapchats without the sender knowing.
Snapchat are deflecting blame away from themselves, but if they were really vigilant, they should’ve got third party apps removed from app stores or something.
What should worry people though is that a lot of young people use Snapchat, which means anyone looking at any potential leaks could basically be looking at compromising images of underage kids.
Ads claiming to have nudey footage of the Harry Potter star are actually trojans riddled with malware.
Serves you right if you’re that type of person into leaked celebrity baps to be honest.
Bitdefender’s cooly-named Chief Security Strategist, Catalin Cosoi, told Digital Spy: “It all starts with a Facebook comment promising to reveal private or leaked videos of Emma Watson”.
“The comments are automatically posted by users infected with the malware. As is the case with many Facebook scams, victims end up as marketers for cyber-crooks.”
“When users click on the malicious links, they are redirected to a salacious YouTube copycat. Future victims are then asked to update their Flash Player to the latest secured version of Video Player, as an error allegedly prevents them from watching the leaked videos of Emma Watson.”
As if you needed reminding, trojan malware is a bastard, and will rifle through your computer for anything stealable.
Disguised by the Flash Player icon, Trojan downloads the infected components into computer files. The videos themselves are hosted by a fake YouTube account, identified by the Anonymous Guy Fawkes avatar in the left hand corner.
So anyway. Norks on the internet. More harm than good.